$ rpki-client -vvf rpki.apnic.net/member_repository/A91923E1/2AF4B374322511ECA285F341C4F9AE02/42A39472C74E11ECB4AD656CC4F9AE02.roa File: 42A39472C74E11ECB4AD656CC4F9AE02.roa (raw, json) Hash identifier: fImPoQjcCGEMtVaG0vXMRn+nIx0n4x6cFQDmdGHL2YY= Subject key identifier: AE:28:F6:29:E9:6D:98:72:78:CB:6A:69:9F:2F:04:68:6B:C2:0D:2C Certificate issuer: /CN=A91923E1/serialNumber=EBAE1F9AB4956F1834B73529357C9F3F1E1205F0 Certificate serial: 04B1 Authority key identifier: EB:AE:1F:9A:B4:95:6F:18:34:B7:35:29:35:7C:9F:3F:1E:12:05:F0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/664fmrSVbxg0tzUpNXyfPx4SBfA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91923E1/2AF4B374322511ECA285F341C4F9AE02/42A39472C74E11ECB4AD656CC4F9AE02.roa Signing time: Sat 03 May 2025 00:05:58 +0000 ROA not before: Sat 03 May 2025 00:05:58 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 141884 IP address blocks: 103.163.252.0/23 maxlen: 23 103.163.252.0/24 maxlen: 24 103.163.253.0/24 maxlen: 24 2400:7460::/32 maxlen: 32 2400:7460:100::/40 maxlen: 40 2400:7460:200::/40 maxlen: 40 2400:7460:300::/40 maxlen: 40 2400:7460:400::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91923E1/2AF4B374322511ECA285F341C4F9AE02/664fmrSVbxg0tzUpNXyfPx4SBfA.crl rsync://rpki.apnic.net/member_repository/A91923E1/2AF4B374322511ECA285F341C4F9AE02/664fmrSVbxg0tzUpNXyfPx4SBfA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/664fmrSVbxg0tzUpNXyfPx4SBfA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 23:46:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1201 (0x4b1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91923E1, serialNumber=EBAE1F9AB4956F1834B73529357C9F3F1E1205F0 Validity Not Before: May 3 00:05:58 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=68155de6-4b54 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:e4:fa:8f:40:03:26:91:12:84:ca:5e:6e:df: ae:47:73:6d:f5:47:64:4d:8a:14:e1:66:84:eb:ee: f5:b8:a3:3d:f8:24:14:37:6f:70:fd:e3:d7:cb:3a: 8d:f0:b7:fd:e0:45:56:e0:5c:e7:a8:97:0b:d7:51: b4:1e:99:10:d4:b3:84:a9:a4:33:13:43:54:05:22: 7a:8e:df:ec:34:35:6d:33:36:24:28:03:45:00:a5: 63:4c:d0:4a:15:f2:7f:d4:a9:10:ef:03:25:09:10: 8e:03:5a:4a:ec:e1:8a:b2:20:9b:7e:bb:52:3d:fe: 97:66:03:c4:d3:0d:8a:22:af:4a:83:37:9c:6f:69: a7:2b:bc:b6:42:7c:23:6c:c2:0a:94:89:d1:62:5e: 39:cd:0c:bc:07:44:25:b3:26:11:44:e2:fb:bf:6c: 82:a3:89:2f:a8:8d:3a:12:ef:9b:5d:7b:33:2d:58: f8:62:56:9b:21:ce:4d:53:52:b8:93:9d:52:1d:2d: 1a:9c:83:f5:22:33:3d:9d:33:88:eb:f2:42:be:8d: 4d:ff:4f:7a:db:10:e9:3b:f8:d4:34:41:54:9a:3a: 38:c0:46:cd:89:06:3d:77:6f:da:38:07:b6:63:d3: 06:56:69:62:9e:76:e2:f4:a0:27:74:42:2f:54:c7: d8:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:28:F6:29:E9:6D:98:72:78:CB:6A:69:9F:2F:04:68:6B:C2:0D:2C X509v3 Authority Key Identifier: keyid:EB:AE:1F:9A:B4:95:6F:18:34:B7:35:29:35:7C:9F:3F:1E:12:05:F0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91923E1/2AF4B374322511ECA285F341C4F9AE02/664fmrSVbxg0tzUpNXyfPx4SBfA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/664fmrSVbxg0tzUpNXyfPx4SBfA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91923E1/2AF4B374322511ECA285F341C4F9AE02/42A39472C74E11ECB4AD656CC4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 103.163.252.0/23 IPv6: 2400:7460::/32 Signature Algorithm: sha256WithRSAEncryption 55:7e:95:17:f0:17:c1:49:97:49:17:7b:3d:b0:08:e4:7f:8b: 33:b5:fb:81:22:22:69:f2:7d:05:42:1d:71:f8:47:d5:59:94: 6f:46:26:1a:f5:de:89:11:52:20:fb:dc:be:27:4f:d1:ec:e6: 74:9a:d0:fd:22:8e:4a:b5:bb:a1:52:64:53:64:5c:ea:df:5d: 5a:6c:96:0f:82:6d:58:5d:33:59:d2:60:b3:73:a7:b2:24:e7: 73:1f:01:12:fb:d8:56:8e:c8:73:60:f7:b3:fd:ec:bc:7c:c0: 5e:e3:2f:bb:cc:9d:81:15:e7:00:a1:6b:04:c5:73:d7:1b:47: f9:f9:de:76:27:de:dc:b4:50:b3:1a:28:e6:8b:85:94:3b:d5: 7f:46:98:15:56:2e:84:48:f1:12:49:99:4a:33:33:01:3e:04: b4:53:05:d1:a7:7d:f1:76:16:ce:ed:53:ab:67:b6:21:3b:ac: 4c:f8:5c:dc:60:84:0d:75:8b:e6:02:a7:74:7e:0f:4d:55:0c: d7:5f:46:f9:9d:c9:72:25:3a:7f:d5:d1:d4:eb:2b:51:b2:57: a3:2c:48:7b:8a:2a:17:99:ea:c5:c6:d5:4a:54:c1:53:52:47: 32:9f:56:28:1f:e5:21:89:f7:c5:c8:f4:00:a5:d8:d4:ec:ed: 3d:57:93:22 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgICBLEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTIzRTExMTAvBgNVBAUTKEVCQUUxRjlBQjQ5NTZGMTgzNEI3MzUyOTM1N0M5RjNG MUUxMjA1RjAwHhcNMjUwNTAzMDAwNTU4WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD VQQDEw02ODE1NWRlNi00YjU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4uT6j0ADJpEShMpebt+uR3Nt9UdkTYoU4WaE6+71uKM9+CQUN29w/ePXyzqN 8Lf94EVW4FznqJcL11G0HpkQ1LOEqaQzE0NUBSJ6jt/sNDVtMzYkKANFAKVjTNBK FfJ/1KkQ7wMlCRCOA1pK7OGKsiCbfrtSPf6XZgPE0w2KIq9Kgzecb2mnK7y2Qnwj bMIKlInRYl45zQy8B0QlsyYRROL7v2yCo4kvqI06Eu+bXXszLVj4YlabIc5NU1K4 k51SHS0anIP1IjM9nTOI6/JCvo1N/0962xDpO/jUNEFUmjo4wEbNiQY9d2/aOAe2 Y9MGVmlinnbi9KAndEIvVMfYfwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFK4o9inp bZhyeMtqaZ8vBGhrwg0sMB8GA1UdIwQYMBaAFOuuH5q0lW8YNLc1KTV8nz8eEgXw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MjNFMS8yQUY0QjM3NDMy MjUxMUVDQTI4NUYzNDFDNEY5QUUwMi82NjRmbXJTVmJ4ZzB0elVwTlh5ZlB4NFNC ZkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzY2NGZtclNWYnhnMHR6VXBOWHlmUHg0U0JmQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx OTIzRTEvMkFGNEIzNzQzMjI1MTFFQ0EyODVGMzQxQzRGOUFFMDIvNDJBMzk0NzJD NzRFMTFFQ0I0QUQ2NTZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E HzAdMAwEAgABMAYDBAFno/wwDQQCAAIwBwMFACQAdGAwDQYJKoZIhvcNAQELBQAD ggEBAFV+lRfwF8FJl0kXez2wCOR/izO1+4EiImnyfQVCHXH4R9VZlG9GJhr13okR UiD73L4nT9Hs5nSa0P0ijkq1u6FSZFNkXOrfXVpslg+CbVhdM1nSYLNzp7Ik53Mf ARL72FaOyHNg97P97Lx8wF7jL7vMnYEV5wChawTFc9cbR/n53nYn3ty0ULMaKOaL hZQ71X9GmBVWLoRI8RJJmUozMwE+BLRTBdGnffF2Fs7tU6tntiE7rEz4XNxghA11 i+YCp3R+D01VDNdfRvmdyXIlOn/V0dTrK1GyV6MsSHuKKheZ6sXG1UpUwVNSRzKf Vigf5SGJ98XI9ACl2NTs7T1XkyI= -----END CERTIFICATE-----Generated at Wed May 14 14:53:04 2025 by rpki-client